This specification relates to transparent build system instrumentation, which can be used for static analysis of computer software source code.
Static analysis refers to techniques for analyzing computer software source code without executing the source code as a computer software program.
Source code in a code base is typically compiled in a build environment that includes a build system. The build environment includes an operating system; a file system; executable files, e.g., compilers; environment variables, e.g., variables that indicate a path to file system directories that contain executable files; and other configuration files for building source code in the code base.
Many build systems can make arbitrary textual substitutions in existing source code files before a compiler is called to compile the modified source code. Build systems can also generate temporary source code files that are compiled but then deleted by the build system when compilation is complete.
In addition, build utilities, e.g., the “ant” utility on the Linux and Unix operating systems, can be programmed to copy source code files from one place to another during the build process. For example, a build utility can copy a file from one location to another for compilation because another source code file may include or depend on the copied file. The copied file may then be deleted by the build system after compilation is complete.
In these situations, merely having read access to the source code files in a file system is insufficient for a static analysis system to extract all the source code that is built by a build system.
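The gap described above can be reproduced in a few lines. The following is an added illustration, not code from this specification: it simulates a build that performs a textual substitution, copies a header, compiles, and then deletes its temporary files, and compares what a post-build file system scan finds with what is visible at the moment the compiler is invoked. The file names, the `@VERSION@` placeholder, and the `recording_compiler` stand-in are all hypothetical.

```python
import shutil
import tempfile
from pathlib import Path

def make_code_base(root: Path) -> None:
    """Constructed sample code base: a template and a header, no plain .c file."""
    (root / "src").mkdir()
    (root / "include").mkdir()
    (root / "src" / "main.c.in").write_text(
        '#include "util.h"\nconst char *v = "@VERSION@";\n')
    (root / "include" / "util.h").write_text("int util(void);\n")

def run_build(root: Path, compiler) -> None:
    """Hypothetical build: substitute, copy, compile, then clean up."""
    build = root / "build"
    build.mkdir()
    template = (root / "src" / "main.c.in").read_text()
    (build / "main.c").write_text(template.replace("@VERSION@", "1.2.3"))
    shutil.copy(root / "include" / "util.h", build / "util.h")
    compiler(root, [build / "main.c", build / "util.h"])
    shutil.rmtree(build)  # temporary sources are gone once compilation ends

def recording_compiler(captured: dict):
    """Stand-in for an instrumented compiler call: snapshot inputs when invoked."""
    def compile_(root: Path, inputs: list) -> None:
        for path in inputs:
            captured[path.relative_to(root).as_posix()] = path.read_text()
    return compile_

def scan_tree(root: Path) -> set:
    """What an analyzer with only read access sees after the build finishes."""
    return {p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file()}

def demo():
    captured = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        make_code_base(root)
        run_build(root, recording_compiler(captured))
        on_disk = scan_tree(root)
    return on_disk, captured

if __name__ == "__main__":
    on_disk, captured = demo()
    print("on disk after build:", sorted(on_disk))
    print("seen at compile time:", sorted(captured))
```

The post-build scan finds only the template and the original header, while the source text that was actually compiled exists only in the snapshot taken at compiler invocation.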